Created Jun 9, 2015

This documentation is mostly for archival purposes. I will not provide support or clarifications because the process is complicated and others issues not noted in the steps will occur. The way I patched the requests/responses is set up Charles Proxy to forward all ECS/NUS/IVS requests (at ip:8888) to Nintendo's server (ClCert needed). Then I put a breakpoint on all requests/responses. Modifying requests will change what Nintendo sees. Modifying responses will change what the 3DS sees. Both are needed.

7b) If it errors, you need to capture the correct @me/profile request. To do that, on the O3DS, close and re-enter eshop, and pass the oauth20 request through (no patches), then pass the @me/profile request through and save the response. Finally log-out of your NNID by either restarting eshop and replacing the next request to account.nintendo.net with an invalid Authorization header (replace with junk) or go into system settings -> NNID settings and setting auto-login to false

8) The next request is for https://account.nintendo.net/v1/api/provider/service_token/@me, replace X-Nintendo-Device-ID, X-Nintendo-Serial-Number, X-Nintendo-Device-Cert headers with that from 3a